hirshfields.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 11173 ms crawled 2026-05-16

US · 192.252.154.11 · AS8739 ICDSoft Ltd.

Reputation 95/100 weak security headers

sector home type homepage

HTML metadata

Title

Hirshfield's | Paints, Stains, Wallcoverings, & Window Fashions

Description

Hirshfield's is a Minnesota-based, fourth generation, family-owned company in the paint & decorating business for over 125 years.

Language

en-US

Canonical

https://www.hirshfields.com/

Feeds

Hirshfield's » Feed RSS
Hirshfield's » Comments Feed RSS

Open Graph

url: https://www.hirshfields.com/
title: Home
locale: en_US
site name: Hirshfield's
description: Hirshfield's is a Minnesota-based, fourth generation, family-owned company in the paint & decorating business for over 125 years.

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Social widgets

YouTube Embed

Third-party hosts loaded (6)

fonts.googleapis.com×2
static.klaviyo.com×2
www.google.com×2
www.googletagmanager.com×2
www.youtube.com×2
gmpg.org×1

Social

Registration

Registrar

Network Solutions, LLC

Created

1996-10-02

Expires

2027-10-01 500 days left

Updated

2025-10-16

Name servers

ns93.worldnic.com
ns94.worldnic.com

DNS records live

NS

ns93.worldnic.com
ns94.worldnic.com

MX

10 smtp1-mke.securence.com
10 smtp1-msp.securence.com

TXT

Show 4 TXT records

iContact644266
klaviyo-site-verification=YAJ6qz
MS=ms94825897
klaviyo-site-verification=TVqrja

Email authentication strong

SPF: v=spf1 +a +mx ip4:216.172.171.189 ip4:208.84.73.25 ip4:45.141.233.134 include:spf.protection.outlook.com include:spf.securence.com include:smtp4.shopify.com include:_spf.saashr.com -all
strict (-all)
DMARC: v=DMARC1; p=quarantine;
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-05-08 to 2026-08-06

Expires in 79 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://www.hirshfields.com/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")